Technology continues to develop and change at a lightning pace. Socioeconomic forces are shifting. Collective revulsion at income inequality is growing. Concern about human rights, climate change, and the environment are prominent issues in global forums and legislative bodies. Natural resources are being depleted at an astonishing rate. Population growth is accelerating at an unprecedented pace in the developing world. All these issues — and many others — are contributing to a fundamental shift in how we should think about the world, and by extension, risk management.
The transparency and interconnectedness of information, the mobility of goods, services, and people, and the seemingly constant nature of change in the twenty-first century make for a truly breathtaking landscape from which risk managers and decision makers must view the world. In this increasingly complex environment, we have no choice but to be informed, shake off our pre-conceived notions about what constitutes operational “normality,” embrace change, and do so being prepared for battle. Why? Because to succeed in this kind of environment, a battle must be waged on how risk managers and decision makers think and act.
The need for twenty-first century risk management designed to tackle these issues is essential, yet risk management protocols are playing a game of constant catch up. As a result of the dynamic and constantly changing global landscape, risk managers and decision makers are struggling to respond, and have been forced into a state of perpetual reactivity. While it is absolutely true that some of today’s challenges cannot be predicted or prevented, others can, but even those require a change of mind set, standards, and protocols in order to address them proactively.
The ever-present risks of interstate conflict, terrorism, chronic unemployment/underemployment, extreme weather events, water crises and cyber-attacks represent the integration of political, economic, environmental and technological risks. None of these is within the control of an individual or organization, and some are not even in the control of any government. Any “Chinese wall” that may have been perceived to have existed between these categories no longer exists — either in terms of perceived likelihood or impact. We no longer have the luxury of assuming that an event in another part of the world will not impact our ability to function at home, or elsewhere abroad. The age of global shocks is upon us and man-made risk is the central actor — agility in the face of this challenging risk landscape is our best countermeasure.
Risk agility is also about asking the right types of questions, such as, “Has the decision maker ever been to all the locations where the business is operating? If so, was it more than a year ago? Does the organization have the information, insight, and tools needed to prepare for a global shock? Does corporate culture create an environment conducive to challenging long-held beliefs and operational practices? Are employees who challenge collective wisdom rewarded or punished?” The potential consequences of not being able to answer such questions in the right way are greater than ever.
Global shocks are, by definition large, high profile, often irreversible, and with long-lasting consequences. Managing global shocks therefore implies the need for a range of inputs and resources that include the ability to integrate resources and information from the private and public sector together with that of the academic and NGO world, in order to produce the best possible planning tools. This is a collective battle.
Against this dynamic backdrop, where change is the one constant, and where interdependencies imply inherent uncertainty, past experience is not necessarily helpful in determining the best course of future action. What may have been true yesterday is almost by definition not going to be the case tomorrow. By default, organizations must adopt forward-thinking and forward-looking approaches to managing risk. In today’s world, it is the forces that drive change — and the ability to identify and embrace them — that can matter the most.
Adopting a broader view of risk that places an emphasis on having specialized knowledge inside an organization to specifically address issues that are, or will prove to be, critical to the organization is no longer just nice to have — it is essential. Ensuring policy consistency, prioritizing risks, exchanging information transparently, and making best practices the standard practice are also essential to effectively managing risk today, as is the ability to understand what “the process” tells a decision maker.
Global risk agility is as much about being bold and taking responsibility as it is about having both temerity and deference toward the unprecedented upsurge in man-made risk. The agile risk manager is in many respects a new renaissance leader — who knows as much about quantitative as well as qualitative risk, is a student of history as well as a master of current events, and understands the long-term impact of actions being taken today, rather than merely being short-term and profit orientated. The agile risk manager conscientiously strikes a balance between the maximizers, whose modus is as much as we can as fast as we can, and the optimizers, who strive for as much as necessary for as long as possible.
In this era of the collision between man-made and natural risk, agile risk managers are a new breed of organizational leaders who are part psychologist and part financial guru. To rise to the occasion and help organizations harness the unprecedented yet unforgiving upside that can be created, we must move the discipline of risk management from being a business prevention function — a cost of doing business — to being a catalyst for longevity. Organizational resilience and enhanced chances of survival are the objectives and outcomes of risk agility.
Agility implies a deftness of movement; whether the required pace given the circumstances is slow or fast — movement is the key. Standing still is usually not an option. We do not need to be taught that observing smoke rising from a few floors beneath us and standing still is clearly ill advised. Similarly, while the data may suggest that everything is fine, silencing one’s instincts occurs all too often in organizational decision making. Agile risk managers therefore need to be as courageous in confronting authority as they are poised in the face of new challenges.
Professionals in the decision making and risk management domains need to take a long look in the mirror. They need to adapt personally, as do the organizations they work for —particularly since organizations are beginning to leave board rooms and corner office doors ajar. For organizations to fully harness the power of risk agility, those at the top need to be challenged to fully integrate and master long range planning, entrepreneurial culture, and bounded risk-taking not merely as profit mechanisms, but as a means of survival.
If risk management were based solely — or even primarily — on past data and experience, and if risk managers and decision makers were unable to adapt to the underlying conditions that define risk, the game would be over before it began. By the same token, adopting a reactive approach clearly will not work. What is required is a proactive approach, which entails closely monitoring the forces that drive change, analyzing their relationship to risk, and adapting the strategies required to manage risk flexibly. While we must integrate the lessons of history into the risk analysis process, risk agility is all about harnessing those lessons and combining them with rigorous instinct to generate effective decision making in the era of man-made risk.
Dante Disparte is founder and CEO of Risk Cooperative. Daniel Wagner is founder and CEO of Country Risk Solutions. The content of this column is from their forthcoming book, “Global Risk Agility and Decision Making” (Macmillan).